24 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-28856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an open source, in-memory database that persists on disk. Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that wil...
openSUSE: Security Advisory for redis7 (SUSE-SU-2023:2925-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6531-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6531-1: Redis vulnerabilities
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. CVE-2022-24834 SeungHyun Lee discovered that Redis incorrectly handled specially crafted...
SUSE: Security Advisory (SUSE-SU-2023:3407-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : redis (SUSE-SU-2023:3407-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3407-1 advisory. - CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create an hash field. bsc1210548 - CVE-2022-24834: Fixed a heap...
SUSE-SU-2023:3407-1 Security update for redis
This update for redis fixes the following issues: - CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create an hash field. bsc1210548 - CVE-2022-24834: Fixed a heap overflow in the cjson and cmsgpack libraries. bsc1213193...
Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.6 security fixes and container updates
Red Hat Advanced Cluster Management for Kubernetes 2.6.6 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which...
CVE-2023-28856 affecting package redis 6.2.11-1
CVE-2023-28856 affecting package redis 6.2.11-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-28856 affecting package redis for versions less than 6.2.12-1
CVE-2023-28856 affecting package redis for versions less than 6.2.12-1. An upgraded version of the package is available that resolves this issue...
FreeBSD : redis -- HINCRBYFLOAT can be used to crash a redis-server process (96b2d4db-ddd2-11ed-b6ea-080027f5fec9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 96b2d4db-ddd2-11ed-b6ea-080027f5fec9 advisory. - Redis is an open source, in-memory database that persists on disk. Authenticated users can use the...
Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2023-164)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-164 advisory. Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and...
Fedora: Security Advisory for redis (FEDORA-2023-e4e3393396)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : redis (2023-e4e3393396)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e4e3393396 advisory. Redis 7.0.11 Released Mon Apr 17 16:00:00 IST 2023 Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: CVE-2023-28856...
Fedora 36 : redis (2023-04239b5758)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-04239b5758 advisory. Redis 6.2.12 Released Mon Apr 17 16:00:00 IST 2023 Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: CVE-2023-28856...
Debian dla-3396 : redis - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3396 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3396-1 [email protected] https://www.debian.org/lts/security/...
MGASA-2023-0156 Updated redis packages fix security vulnerability
Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access. CVE-2023-28856...
Updated redis packages fix security vulnerability
Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access. CVE-2023-28856...
Mageia: Security Advisory (MGASA-2023-0156)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Redis < 6.0.19, 6.2.x < 6.2.12, 7.0.x < 7.0.11 DoS Vulnerability
Redis is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:redis:redis"; if...